Reputation Risk in the Age of Hyper-Transparency
For the fifth consecutive year, reputation risk has topped the charts for risks potentially affecting a corporation’s value. Why does reputation risk remain such a high-level concern?
Companies should think about reputation risk as an additional layer of risk associated with third party risk which, if not properly managed, can lead to an even greater financial and reputational downside.
The concept of reputation risk has emerged as one of the top strategic concerns of boards of directors and c-suites alike. Reputation risk is unique in that it is not a single risk factor but one that attaches itself to other risks that can have material effect on a corporation.
The continued growth in number, type and importance of third parties is a primary driver for increasing concern about risks that can affect a company’s reputation. Third party risks are as numerous, multifaceted and diverse as third parties themselves. From corruption and fraud to cyber security and safety – companies need to consider not only the specific third party risk, but also the potential impact to the company’s reputation.
Today, a common third party risk is that of violating anti-corruption and bribery laws. In fact, 90%+ of all violations of the Foreign Corrupt Practices Act take place through the activities of third parties1. A company that does not have the appropriate internal programs, processes and controls in place to manage third party corruption risk has much greater exposure to reputational risk than a company with effective programs.
The reverse is true too – if a company has effective programs and controls in place to manage third party corruption risk, the reputational risk for that company, should there be a third party corruption problem, may be reduced or eliminated. If you want evidence of this, look no further than the high profile declination of Morgan Stanley. Indeed, in my book I call this “reputation opportunity” – something smart companies with the right programs in place are able to translate into value.Companies should think about reputation risk as an additional layer of risk associated with third party risk which, if not properly managed, can lead to an even greater financial and reputational downside. Placing the right governance, policies and technology in the hands of the right risk owners within the company will help to reduce the core risk and mitigate the associated third party reputation risk and potentially create the types of opportunity I mention earlier.
What follows is a short edited excerpt from my book “The Reputation Risk Handbook: Surviving and Thriving in the Age of Hyper-Transparency” that looks at the business case for reputation risk management – including third party associated reputation risk management.
The business case for reputation risk management
The case for effective reputation risk management in this Age of Hyper-Transparency can be made in two ways – accentuating the positive and exposing the negative. There is growing quantitative and qualitative evidence that smart reputation risk management can add value to the bottom line – through liability avoidance, cleaner and leaner processes and improved products and services. Indeed, properly deployed and integrated, effective reputation risk management can be transformational, actually adding value to the financial bottom line.
The financial sector has certainly been in the eye of this storm in recent years given the massive impact of questionable, illegal and downright criminal behaviours exhibited in this sector. Indeed, there is a growing body of work that is zeroing in on linking ethical behaviours (and their absence) and the attendant culture to results and performance.
Some of the major banks have dramatically increased their investment in programs and resources to deal with their compliance issues. Some are, however, missing a critical point: often the problem is not a “compliance” problem – but a systemic cultural problem in need of a more strategic solution. The real challenge begins and ends at the very top: the CEO and the board. Investors are also beginning to understand that this still nascent but growing activist and institutional investor movement for greater transparency has recently gathered steam.
Some banks are appointing high-level chief compliance officers who are part of the executive team, have a seat at the table and/or access to the board (HSBC, JP Morgan). Others have taken a different approach. For example, after its troubles in 2010, Goldman created a high level committee and issued 39 business standard principles and started a massive reputation management effort. Yet others are creating sustainable investment, community engagement programs and “green” measures to demonstrate their reformist bona fides (Morgan Stanley, Goldman). Smart reputation risk management is part of a long-term strategy, not a one-time fix – while the jury is out on these recent developments they provide hope.
1 Source: EY - 12th Global Fraud Survey Growing Beyond: a place for integrity.
Author: Andrea Bonime-Blanc is CEO of GEC Risk Advisory, the global governance, risk, integrity, reputation and crisis advisory firm (www.GECRisk.com)